Re: [ldm-users] Strange LDM connectivity issue

  • To: Evan Breznyik <evan@xxxxxxxxxxxx>
  • Subject: Re: [ldm-users] Strange LDM connectivity issue
  • From: Gerry Creager - NOAA Affiliate <gerry.creager@xxxxxxxx>
  • Date: Tue, 19 Jan 2021 16:57:52 -0600
notifyme is another valuable tool for seeing if you're getting connection
errors and trying to characterize. However, I suspect Daryl is on to
something regarding a firewall issue.

gerry

On Tue, Jan 19, 2021 at 4:55 PM Evan Breznyik <evan@xxxxxxxxxxxx> wrote:

> I agree but will add:  we see problems with ldmping even when there is no
> firewall and our servers are actively connected, so YMMV.
>
> My fallback is to netcat or telnet to the LDM port (388) to test.   With
> ldmping, it rarely works as described for me.  Of the 15 or so servers we
> connect to, I can only ldmping one of them, and of those 15 I run 4 of them
> and fully control the network plane which is wide open, so...I would try
> the netcat or telnet trick...or, if possible, ping or traceroute to the
> IP/host from LDM user or with sudo powers as well.  That can rule in or out
> network/firewall issues...or it can also tell you (like I often
> experience):  "the connection works fine but ldmping is confused for some
> other reason".
>
> On Tue, Jan 19, 2021 at 9:26 AM Herzmann, Daryl E [AGRON] <
> akrherz@xxxxxxxxxxx> wrote:
>
>> Hi Robert,
>>
>> This certainly looks like a firewall/routing issue. Some things I would
>> suggest checking.
>>
>> 1) Is there a routable network path between the LDM client and server and
>> back to the client?  Perhaps these devices are behind NATs which have their
>> own firewalls?  Are you able to connect from the client to the server on
>> other ports, like SSH, HTTP, etc?
>>
>> 2) On the server, double check your firewall settings.  If you can,
>> temporally drop the server firewall and see if the LDM client can ping.
>> Ensure that you don't have both iptables and firewalld running at the same
>> time.
>>
>> 3) Can any other LDM client connect to this server?
>>
>> 4) On the client, ensure the server's FQDN doesn't exist in /etc/hosts
>> with a different IP as you mentioned DNS already has it.
>>
>> daryl
>>
>> --
>> /**
>>  * daryl herzmann
>>  * Systems Analyst III -- Iowa Environmental Mesonet
>>  * https://mesonet.agron.iastate.edu
>>  */
>>
>> ________________________________________
>> From: ldm-users <ldm-users-bounces@xxxxxxxxxxxxxxxx> on behalf of
>> Mullenax,     Robert R. (WFF-820.0)[ORBITAL SCIENCES CORPORATION] via
>> ldm-users <ldm-users@xxxxxxxxxxxxxxxx>
>> Sent: Tuesday, January 19, 2021 11:14 AM
>> To: ldm-users
>> Subject: [ldm-users] Strange LDM connectivity issue
>>
>> Good morning,
>>
>> I rarely have LDM connectivity issues, but am having a weird one this
>> morning. I have two systems, at our facilities in different states that I
>> manage. Our NOAAport ingest machine is down at one location, so I want to
>> feed from the LDM server at the other location that is being fed by another
>> dish/NOAAport ingest machine. I have proper allows/request on both ends,
>> DNS resolves correctly, SELinux (CENTOS 7) is disabled on both machines,
>> and port 388 is allowed through firewall. Each machine is getting a
>> non-NOAAPort data feed from another out-of-state LDM just fine.
>>
>> Ldmping results in:
>>
>> 20210119T171056.791467Z ldmping[11619] ERROR ldmping.c:75:print_hstat()
>> SVC_UNAVAIL  10.097094    0  XXXXXXXXXXXX.com
>> h_clnt_create(XXXXXXXXXXXXX.com): Timed out while creating connection
>>
>> Yet the server on the other end is running and all is nominal.
>>
>> Any ideas on what to check?
>>
>> Thanks,
>> Robert Mullenax
>>
>> Robert Mullenax
>> Staff Meteorologist
>> CSBF/Northrop Grumman
>> Palestine, Texas
>> 903-729-0271
>>
>> _______________________________________________
>> NOTE: All exchanges posted to Unidata maintained email lists are
>> recorded in the Unidata inquiry tracking system and made publicly
>> available through the web.  Users who post to any of the lists we
>> maintain are reminded to remove any personal information that they
>> do not want to be made public.
>>
>>
>> ldm-users mailing list
>> ldm-users@xxxxxxxxxxxxxxxx
>> For list information or to unsubscribe,  visit:
>> https://www.unidata.ucar.edu/mailing_lists/
>>
> _______________________________________________
> NOTE: All exchanges posted to Unidata maintained email lists are
> recorded in the Unidata inquiry tracking system and made publicly
> available through the web.  Users who post to any of the lists we
> maintain are reminded to remove any personal information that they
> do not want to be made public.
>
>
> ldm-users mailing list
> ldm-users@xxxxxxxxxxxxxxxx
> For list information or to unsubscribe,  visit:
> https://www.unidata.ucar.edu/mailing_lists/
>


-- 
Gerry Creager
NSSL/CIMMS
(C) 979.229.5301 <--- NOTE THAT MY OFFICE NUMBER HAS CHANGED
++++++++++++++++++++++
*The way to get started is to quit talking and begin doing.*

*   Walt Disney*
  • 2021 messages navigation, sorted by:
    1. Thread
    2. Subject
    3. Author
    4. Date
    5. ↑ Table Of Contents
  • Search the ldm-users archives: